Secure and privacy-preserving data communication in Internet of Things Secure and privacy-preserving data communication in Internet of Things
Problems, Models and Goals
In wireless sensor networks, sensor nodes are first classified by their roles to establish the network structure before data aggregation During data aggregation, these nodes perceive the environment and transmit their readings along a defined path to the base station This section briefly introduces the problems, the network model, the security model, and the security goals that guide secure and efficient operation of wireless sensor networks.
Wireless Sensor Networks (WSNs) have unique characteristics and constraints that make traditional networking schemes infeasible, so understanding these features is essential for designing practical WSN solutions The challenges in WSNs stem from two main sources: the sensor nodes themselves and the network they form Sensor nodes, which constitute the majority of WSN deployments, are highly resource-constrained, with limited memory, finite energy, and restricted processing power (CPU), and these limitations shape every aspect of WSN design, including routing, data aggregation, and overall architecture.
A sensor is a small device with a small amount of memory for code and parameters.
To illustrate, the common sensor MICA2 has 4 K RAM, 128 K program memory and
512 K flash storage [9] Given this constraint, the code size of a proposed scheme must be as small as possible.
Energy efficiency is the main challenge in wireless sensor networks (WSNs) After deployment, sensors’ batteries are typically non-replaceable, making every operation crucial to conserve power Consequently, all sensor activities must be lightweight and optimized for low energy consumption, ensuring a prolonged network lifetime and reliable data collection.
The MICA2 platform uses a 16‑bit, 8 MHz microcontroller as its CPU In wireless sensor networks, sensor processors are typically modest, so lightweight operations are preferred Since each node communicates wirelessly over a limited radio range—about 152 meters for MICA2—data from distant sensors must be forwarded via multi-hop routing to reach the base station This multi-hop communication can introduce substantial transmission latency and create synchronization challenges among sensor nodes.
From the viewpoint of network, when sensors are deployed in the field, they always form a network autonomously Several problems also arise.
Sensor deployments in remote or hostile environments, like battlefields, are typically unattended for long durations, making them vulnerable to physical tampering and natural hazards The network topology may be unclear to the owner, and some sensors can unexpectedly drop offline due to bad paradrop locations, drained energy, or damage from wildlife Addressing these challenges requires robust security, reliable fault tolerance, and energy-efficient operation to maintain continuous sensing and data integrity.
ModelsHere we will introduce node classification, network structure, and differ- ent attacks on wireless sensor networks.
Node Classification Typically, there are four types of sensor nodes in wireless sensor networks which are: (i) sensing nodes, (ii) aggregate nodes, (iii) relay node, and (iv) querier (e.g., base station).
In wireless sensor networks (WSNs), sensing nodes constitute the majority of network devices and typically integrate a sensing unit, a processing unit, a power unit, and a transceiver When a sensing task is initiated, these nodes collect data from the surrounding environment and perform preprocessing before forwarding the data to the next hop in the network This preprocessing may include data mapping, encryption, digital signing, and other security and data-quality measures.
Aggregate nodes act as intermediate nodes that collect preprocessed data from downstream sensor nodes and apply an aggregation function—such as Max, Min, Sum, or Average—to summarize the measurements The resulting data are then forwarded to the next hop along the transmission path until the querier receives them By contrast, relay nodes simply forward the data they receive to the next hop, serving as straightforward relays within the network.
Ultimately, the querier receives semi-processed data from one or more aggregate/relay nodes and executes aggregation and other pertinent processing to derive useful information indicating the occurrence of events that the base station is expecting to detect The processing may include data mapping, decryption, signature verification, and other verification or transformation steps to ensure data integrity and provide actionable insights for event detection.
Network structure: Sensor networks deployed in remote and hostile environments require a static network topology to ensure reliable intranet communication and data transmission Determining the network structure is essential to route data from sensing nodes to the base station Typically, the network topology is divided into two main categories, guiding how clusters or other organizational schemes are designed to optimize communication efficiency and energy use.
A cluster in a wireless sensor network consists of cluster members (the ordinary sensing nodes) and a single cluster head The cluster head acts as the cluster manager and is responsible for local data aggregation from its members The head’s role can be fixed before deployment or adaptively elected according to the network topology and conditions It is generally assumed that a cluster head has stronger communication and computation capabilities than the member nodes In diagrams of cluster-structured networks, the cluster head is typically shown at the center with member nodes surrounding it, illustrating its central role in local data aggregation.
A tree-structured network consists of leaf nodes, intermediate nodes, and a single root node Leaf nodes are the normal sensing nodes that generate data and send it to their parent, the intermediate node Data aggregation takes place at intermediate nodes, where the data from all child nodes is aggregated and the semi-aggregated result is sent upward, though intermediate nodes can also simply relay data without performing any aggregation The root node controls the subtree rooted at itself and awaits data from downstream nodes As shown in Fig 2.1, the tree-structured network places the root node at the top, with intermediate nodes in the middle and leaf sensor nodes at the bottom, all circumscribed by an imaginary boundary.
Although cluster heads can forward data directly to the querier over long-range radio transmissions, this approach is inefficient for energy-constrained sensor nodes In practice, cluster heads from different clusters typically form a tree with relay nodes to transmit data via multi-hop paths, delivering better energy efficiency Both cluster-based and tree-based topologies support improved resource allocation and more effective energy control during data collection and aggregation The construction of either a cluster structure or a data-collection tree is a crucial preparatory phase, however this chapter mainly introduces secure data aggregation and will not paraphrase the construction phase.
Attacks on wireless sensor networks (WSNs) expose these systems to a range of security threats The level of damage varies with the adversary’s model and the network topology Six common attack types are typically observed in WSNs Essentially, an attacker aims to cover their tracks, disrupt the data aggregation process, and mislead the base station into accepting a false aggregation result.
Node compromise attacks are among the most severe threats in sensor networks, as an adversary can gain full control of a sensor node—whether a sensing node, an aggregate node, or a relay node—and access all information stored on it, including cryptographic keys With such control, the attacker can extract sensitive data and later replay old messages, potentially disrupting data integrity and confidentiality They can also selectively forward messages or inject misleading data while remaining undetected, posing a pervasive risk regardless of which node is corrupted This underscores the need for robust defenses such as strong node authentication, effective key management, replay protection, and anomaly detection to safeguard the network against node compromise attacks.
Selective forwarding attack in wireless sensor networks occurs when a sensing node or intermediate node is compromised and controlled by an adversary who decides whether to forward the sensed data or received messages By preventing compromised nodes from forwarding data, the attacker can stop the base station from recording or responding to the targeted event For example, an adversary could prevent a captured sensing node from sending a message indicating the movement of an enemy tank, thereby blocking critical situational awareness.
Cryptographic-Based Data Aggregation Schemes
In this section, we present the cryptographic secure data aggregation schemes [29, 35–45] These schemes are based on classic cryptography primitives Though their security goals vary from each other.
Secure Information Aggregation (SIA) is a scheme that designs random sampling and interactive proofs to allow a base station to verify that the final aggregation is a close approximation to the true value, even when the aggregator node and some sensing nodes are compromised Its security goal is to prevent stealthy attacks and ensure that, if the base station accepts the result, it is highly probable to be near the true aggregation, making it the first work in secure information aggregation for wireless sensor networks that can tolerate malicious aggregators and sensing nodes In SIA, every sensor with a unique identifier shares secret keys with both the base station and the aggregate node to enable encryption and source authentication, and the approach, called aggregate-commit-prove, consists of three parts: first, the aggregate node collects data, locally computes the aggregation result, and verifies the authenticity of each sensed datum; second, the aggregate node commits to the local data by computing v_i = H(m_i) for each sensed value m_i, with Merkle hash-trees providing an efficient commitment wherein leaves hold the sensed data and interior nodes store hashes of concatenated child nodes, and the root of the tree serves as the commitment; third, the aggregate node reports the local result together with the commitment and proves the correctness of the result, with an illustration of Merkle-tree construction typically provided Consequently, SIA offers data confidentiality, data integrity, and source authentication In contrast, Secure Data Aggregation and Verification (SecureDAV) notes that bootstrapping keys is a challenge in WSNs and public-key cryptosystems are unsuitable for resource-constrained sensor networks, proposing a protocol for establishing cluster keys using verifiable secret sharing.
Merkle hash-tree construction [46, 47] elliptic curve cryptosystems for encryption due to their fast computations and smaller key size Besides, they proposed SecureDAV protocol that could ensure that the base station never accepted a false aggregation result.
They developed a cluster key establishment protocol in which every sensor node within a cluster shares a secret cluster key, but each node holds only a share of it, and this key is used to generate partial signatures via ECDSA In their secure data aggregation and verification protocol, a sensing node transmits its identifier, the encrypted data R_i (encrypted with the shared key k_CHi_i between node i and cluster head CH_i), and h_i = H(R_i) to CH_i The cluster head decrypts the data, aggregates the readings by updating the average with each decryption R_j divided by the cluster size |CH_i|, generates partial signatures and combines them into a single signature CH_i then transmits the cluster identifier, the encrypted average value, and the combined signature to the base station, which verifies the signature using the public key SecureDAV thus provides data confidentiality, data integrity and source authentication.
Concealed Data Aggregation (CDA) provides end-to-end encryption for reverse multicast traffic between sensor nodes and the base station In CDA, aggregate nodes can perform aggregation on ciphertexts, saving time by avoiding costly decryption and encryption operations This is achieved using the encryption transformation and decryption transformation of the privacy homomorphism (PH) The PH is probabilistic, since encryption involves randomness that maps a given plaintext to one of several possible ciphertexts.
Specifically, each sensing node shares a secret keyk=(r,g )with base station and it randomly splits its sensed dataainto a secret sequencea 1 , ,a d such that a= d j = 1 a j modg anda j ∈Z g Then it computes the encryption ifa:
Aggregate node collects messagescfrom sensing nodes and computes the aggrega- tion resultS, and sent it to base station:
Base station compute the plaintexty: y= Dec k (S) n = (S 1×r −1 , ,S 2×r −2 , ,S d ×r − d )modg n
Fig 2.4 Concealed data aggregation for WSNs with privacy homomorphism [36]
In addition, CDA can be applied to the concealed movement detection problem For example, consider five sensing nodes that know their relative positions, and discretize the sensed data to a binary domain of 0 and 1 In this configuration, the observations are summarized by a message tuple that encodes the binary readings and the spatial relationships among the nodes, enabling efficient and robust concealed movement detection and downstream analysis.
(0,0,0,1,1)means that an entity has moved from position 1 to position 2, or vice versa Figure2.2depicts the concealed data aggregation process.
Authors note that encryption, decryption, and addition operations in Domingo-Ferrer’s Privacy Homomorphism (PH) are more expensive in clock cycles than those required by RC5 Nevertheless, they argue this drawback is acceptable since the aggregator node is the performance bottleneck in a connected wireless sensor network (WSN), with the primary objective being to balance energy consumption Finally, Concealed Data Aggregation (CDA) provides data confidentiality only Figure 2.4 illustrates an example of the data aggregation phase in CDA.
Chan et al address securely and efficiently performing aggregation queries (including MEDIAN, SUM, and AVERAGE) and present the first algorithm for provably secure Hierarchical In-Network Aggregation (SHIA) applicable to general sensor networks with multiple adversarial nodes The algorithm guarantees that an adversary cannot gain any advantage by manipulating intermediate aggregations SHIA supports arbitrary tree-based network topologies and remains robust against aggregation manipulation even when arbitrarily many malicious sensor nodes are present.
The core algorithm securely computes the sum S = a1 + a2 + + an, where ai is the data value reported by sensing node i, enabling secure sum aggregation in distributed sensor networks Building on the aggregate-commit-prove framework described in [29], the approach extends from a single-aggregate-node model to a fully distributed setting It integrates a commitment structure for the data values with the aggregation process, enabling verifiable aggregation as each sensor node can audit the commitment to confirm its contribution is included in the final sum If an attacker tries to omit a node’s data, the resulting inconsistency in the commitment can be detected by the victim node, ensuring robust defense against exclusion attacks.
Specifically, the algorithm mainly contains three phases: query dissemination phase, aggregation-commit phase, and result-checking phase.
Query dissemination begins when the base station broadcasts the query to all sensor nodes If an aggregation tree with the base station as the root does not already exist, one is formed Tiny Aggregation Service (TAG) [23] is one of several algorithms for selecting the structure of the aggregation tree, and each node chooses its role within the tree.
Fig 2.5 An example of commitment tree in
According to SHIA [37], the node that first hears the tree-formation message becomes the parent node in the resulting topology Once the tree is established, the base station issues a query request that includes a nonce to prevent replay attacks, and the entire request message is authenticated to ensure integrity and authenticity of the communication.
Aggregation commit in the naive approach starts with sensing nodes sending the number 1, the sensed data, its complement, and the node ID to their parent Each aggregate node then computes a cryptographic hash over all its inputs, including its own data value if it has one, producing a compact commitment of the data The resulting hash value is forwarded to the parent node together with the intermediate aggregation result, propagating cryptographic commitments up the aggregation tree Figure 2.5 depicts a commitment tree composed of the hashes of data values and the intermediate aggregation results, illustrating how the aggregation commit is maintained across the network.
Definition 1 A commitment tree is a tree where each sensing node has an associated label representing the data sent to its parent node The label has the following format:
In a hierarchical sensing network, the notation represents four core metrics for the subtree rooted at a given node Count is the number of sensing or contributing nodes within that subtree Value is the sum of data values gathered from all sensing nodes in the subtree Complement reflects the aggregate of data values outside the subtree (the complement) Commitment is a cryptographic hash computed on the concatenation of N, count, value, complement, and the labels from sensing nodes within one-hop range, providing data integrity and provenance for the aggregated information.
Result-checking is a verification phase designed to let each sensor node independently confirm the integrity of the aggregation process Specifically, each node verifies that its own contribution a_i is included in the overall SUM aggregation result, and that the corresponding complement r − a_i is included in the COMPLEMENT aggregation result This independent verification protects data integrity in distributed sensor networks and ensures that both the SUM and COMPLEMENT aggregations reflect every node's input accurately.
The aggregation results are authenticated and broadcast to every sensor node Each node independently verifies that its data was counted, and if verification succeeds, it sends an authentication code to the base station Once the base station has collected all authentication codes, it confirms that every sensor node’s contribution has been correctly incorporated into the aggregation result.
They define the notion of optimally secure and prove that SHIA provides the strongest security bound that can be established for any secure aggregation scheme, without making any assumptions about the distribution of sensed data SHIA, however, only provides data integrity.
Fig 2.6 An example of data aggregation phase and result-checking phase in E2IPAP [38]
Non Cryptographic-Based Data Aggregation Schemes
In this section, we present the non-cryptographic secure data aggregation schemes [31, 52–57].
A witness-based data aggregation scheme for wireless sensor networks (WSNs) is proposed to address the assurance problem and ensure the validation of data transmitted from aggregate nodes to the base station The approach selects several neighboring sensor nodes around each aggregate node as witnesses to monitor the data aggregation process, providing independent verification and enhancing trust in the aggregated results received at the base station [31].
To ensure secure data aggregation, the architecture introduces witness nodes whose job is to produce proofs for the aggregated results The aggregate node must gather MAC-based proofs from several witness nodes to validate the aggregation before forwarding it to the base station While witness nodes also perform data aggregation, they do not transmit the final aggregation result themselves; instead, each witness node computes the MAC proof of its result and sends it to the aggregate node, which then relays these proofs to the base station If the aggregate node is compromised, an adversary attempting to inject a false aggregation must forge the MAC proofs corresponding to that falsified result, making tampering detectable and more difficult.
A voting scheme with m+1 participants is used to validate the aggregation result The aggregate node and the witness nodes share secret keys with the base station We select m witnesses w1, w2, , wm and their MAC keys k1, k2, , km to share with the base station After receiving data from the sensor nodes, each witness computes the aggregation result agg_i and sends MAC_i = MAC(agg_i, w_i, k_i) to the aggregate node The base station accepts the aggregation result if at least n−1 of the witnesses agree with the aggregation result; otherwise it discards the result.
One special case is thatnis equal tom+1 After receiving(MAC 1 ,MAC 2 , , MAC m )from the witness nodes, the aggregate node computes
MAC Agg =MAC(Agg,k Agg ,MAC 1
In this scheme, Agg denotes the aggregation result and k_Agg is the MAC key shared by the base station and the aggregate node After the base station receives the tuple (Agg, w1, w2, , wm, MAC_Agg), it computes a verification to ensure the integrity and authenticity of the aggregated data by validating MAC_Agg using the shared key k_Agg and the inputs Agg and the corresponding weights w1 through wm.
MAC i =MAC(Agg,w i ,k i ), MAC Agg =MAC(Agg,k Agg ,MAC 1
Fig 2.11 A witness-based approach in wireless sensor networks [31]
In a witness-based scheme for wireless sensor networks, the base station considers an aggregation valid only if the MAC attached to the aggregated data matches the corresponding MACs from the contributing nodes To enhance robustness against DoS attacks, the aggregator should not merge all MACs; instead, it forwards the individual MACs to the base station for verification The aggregation result is accepted only when at least n out of m+1 MACs are matched; otherwise, the result is discarded This witness-based approach provides data integrity, and Figure 2.11 illustrates its use in wireless sensor networks.
SRDA [52] is proposed for cluster-based wireless sensor networks (WSNs) to reduce the number of bits transmitted, addressing the high energy cost of radio communications in sensor nodes This approach enables sensors to send only the difference between the current raw sensed value and a reference value The reference data is the average of a series of previous sensor readings, facilitating efficient differential data transmission and substantial energy savings in WSN deployments.
Implementing a key distribution protocol establishes secure peer-to-peer communication links between sensor node pairs In every session, each sensor node computes its reference value as the average of the last N sensed data values, creating a consistent reference for secure data exchange The session begins when the sensor node transmits the first data packet containing the value Ri1, initiating secure communication for that session.
R i1is taken as the reference value of sensor nodei All packets in the session are encrypted as follows:
(a) Ascertainsh, the number of hops to the base station.
(c) Increases the minimum number of rounds of RC6 [58]
(d) Encrypts the data using RC6.
In this approach, the cluster-head creates a reference entry for each sensor node For all subsequent readings M_j, the sensor node transmits differential data, computed as M_j − M_i1, relative to its stored reference When the session ends for sensor node i, the cluster-head removes the corresponding reference entry M_i1.
SRDA provides data confidentiality, data integrity and source authentication.
To illustrate, let 30 ◦ C denote the temperature measurement of a sensor node If
25 ◦ C is considered as reference temperature by the cluster head, the sensor node can send only the difference (i.e., 5 ◦ C).
Based on an extended Kalman filter, which helps set up a normal range for the neighbor’s future transmitted aggregated values, the authors [53] further applied a hybrid algorithm that combines cumulative summation (CUSUM) and generalized likelihood ratio (GLR) This approach utilizes the cumulative sum of the deviations between measured values and estimated values to derive a normal range, enabling more accurate boundary estimation for future communications in the network.
Intrusion Detection Modules (IDMs) and System Monitoring Modules (SMMs) must cooperate within wireless sensor networks (WSNs) to detect threats effectively When node i raises an alert on node j due to an event E, an investigation into E is launched in collaboration with existing SMMs to determine whether E is dangerous Specifically, IDM i can query sensor nodes around j to solicit their opinions on E If the majority of these neighboring nodes believe that E could occur, E is deemed a potentially dangerous event.
An Extended Kalman Filter (EKF) based approach requires a state transition function F that maps the state at time k, x_k, to the state at time k+1, x_{k+1} Using Intel Lab Data, the relationship between x_k and x_{k+1} is examined, revealing that a faulty reading occurs when the difference between consecutive readings exceeds 10 A linear form for F is assumed: x_{k+1} = x_k + w_k, where w_k denotes the process noise at time k The authors also apply Maximum Likelihood Estimation (MLE) to estimate the model parameters.
QwhereQis the variance of distribution thatw k follows and the estimate is
The CUSUM-GLR local detection method monitors a sequence of observations y0, y1, , yk drawn from a density pθ(y), with θ = θ1 after the change at time t0 To detect a shift in θ, the hypotheses H0: θ = θ0 and H1: θ = θ1 are formulated The log-likelihood ratio is defined as s_k = ln [ p_{θ1}(y_k) / p_{θ0}(y_k) ]; the statistic s_k moves from negative to positive when θ changes, signaling a detected change.
S N = N i =0 s i is defined that it first decreases withN, and then increases afterθ is changed fromθ 0toθ 1.S N can detect the change iny k CUSUM-GLR provides data integrity and source authentication.
Yang et al [54] identified a core challenge in secure data aggregation for wireless sensor networks: how can the base station accurately approximate the fusion result when a fraction of sensor nodes are compromised and the aggregation tree places greater trust in high-level nodes than in low-level ones? To tackle this problem, they proposed the Secure Hop-by-hop Data Aggregation Protocol (SDAP).
SDAP follows two core design principles: divide-and-conquer and commit-and-attest It uses a probabilistic grouping technique to dynamically partition nodes into multiple logical groups, where a commitment-based hop-by-hop aggregation is performed within each group to yield a group aggregation result The base station then reviews these results and identifies suspicious groups Any group flagged as suspicious proceeds to an attestation phase to prove the correctness of its group aggregation, while the final aggregation is computed from all group results that are either normal or have passed attestation SDAP operates in three phases—query dissemination, data aggregation, and attestation—and it provides data confidentiality, data integrity, and source authentication for secure wireless sensor networks.
Many data aggregation protocols in sensor networks assume that all sensor nodes are fully trusted, but cryptographic primitives alone are not sufficient A reputation- and trust-based framework provides effective decision-making since each node’s trust evolves over time Zhu et al observed that nodes with bad reputation due to malfunction or temporary dormancy can be temporarily excluded from participation They proposed the Integrity Preserving Event Report Protocol (IPERP), which validates events and dynamically adds or removes members based on ongoing reputation and trust assessments.
Summary
Chapter 2 introduces two families of secure and efficient data aggregation schemes for wireless sensor networks, designed to enable secure communication with the base station and to extend the network lifetime through improved energy efficiency and reduced data transmission overhead.
1 I.F Akyildiz, W Su, Y Sankarasubramaniam, and E Cayirci 2002 A survey on sensor net- works IEEE Commun Mag., 40 (8): 102–114.
2 J Yick, B Mukherjee and D Ghosal 2008 Wireless sensor network survey.Comput Networks,
3 K Akkaya, M Demirbas, and R.S Aygun 2008 The Impact of Data Aggregation on the Performance of Wireless Sensor Networks Wiley Wireless Commun Mobile Comput.(WCMC) J., 8: 171–193.
4 S Ozdemir and Y Xiao 2009 Secure data aggregation in wireless sensor networks: A com- prehensive overview Elsevier Computer Networks, 53(12): 2022–2037.
5 L Hu and D Evans 2003 Secure aggregation for wireless networks Proc of the 3rd Sympo- sium on Applications and the Internet(SAINT) Workshops., 384–391.
6 J A Burke, D Estrin, M Hansen, A Parker, N Ramanathan, S Reddy, and M B Srivastava.
2006 Participatory sensing Proc of the 1st ACM World-Sensor-Web(WSW) Workshops, 1–5.
7 Jeff Howe 2006 Crowdsourcing: a definition, crowdsourcing: Why the power of the crowd is driving the future of business Available via DIALOG http://crowdsourcing.typepad.com/cs/2006/06/crowdsourcing_a.html
8 R Ganti, F Ye, and H Lei 2011 Mobile crowdsensing: Current state and future challenges.
9 Crossbow Technology Inc Mica2 datasheet, 2006 www.xbow.com/Products/productdetails. aspx?sid4.
10 M A M Vierial, A.B da Cunda, and D C da S Junio 2006 Designing wireless sensor nodes Proc of the 6th International Workshop on Embedded Computer Systems: Architectures, Modeling, and Simulation(SAMOS), 99–108.
11 W B Heinzelman, A P Chandrakasan, and H Balakrishnan 2002 An application-specific protocol architecture for wireless microsensor networks IEEE Trans Wireless Commun.,1(4):
12 O Younis and S Fahmy 2004 HEED: a hybrid, energy-efficient distributed clustering approach for ad hoc sensor networks IEEE Trans Mobile Comput., 3(4): 366–379.
13 Y Yao and J Gehrke 2002 The Cougar approach to in-network query processing in sensor networks ACM SIGMOD Rec., 31(3): 9–18.
14 S Chatterjea and P Havinga 2003 A dynamic data aggregation scheme for wireless sensor networks Proc of the Program for Research on Integrated Systems and Circuits(RISC)’03,
15 V Mhatre and C Rosenberg 2004.Design guidelines for wireless sensor networks: communi- cation clustering and aggregation Elsevier Ad Hoc Networks J., 2(1): 45–63.
16 P Popovski, F H P Fitzek, H Yomo, T K Madsen, and R Prasad 2004 MAC-Layer Approach for Cluster-Based Aggregation in Sensor Networks Proc of the International Workshop on Wireless Ad-hoc Networks(IWWAN)’04, 89–93.
Pattem, Krishnamachari, and Govindan (2004) examine the impact of spatial correlation on routing with compression in wireless sensor networks, showing how exploiting data similarity can enhance communication efficiency Their study demonstrates that spatial correlation can enable more effective routing strategies when data is compressed, reducing energy usage and bandwidth in sensor networks The work was presented at the 3rd ACM/IEEE International Conference on Information Processing in Sensor Networks (IPSN) and appears in the conference proceedings, pages 28–35.
18 C Intanagonwiwat, D Estrin, R Govindan, and J Heidemann 2002 Impact of network density on data aggregation in wireless sensor networks Proc of the 22nd International Conference on Distributed Computing Systems(ICDCS), pp 457–458.
19 C Intanagonwiwat, R Govindan, D Estrin, J Heidemann, and F Silva 2003 Directed diffu- sion for wireless sensor networking IEEE/ACM Trans Networking, 11(1): 2–16.
20 B Krishnamachari, D Estrin, and S Wicker 2002 The impact of data aggregation in wire- less sensor networks Proc of the 22nd International Conference on Distributed Computing Systems(ICDCS) Workshops, 575–578.
21 M Ding, X Cheng, and G Xue 2003 Aggregation tree construction in sensor networks Proc of the 58th IEEE Vehicular Technology Conference(VTC), 58(4): 1049–1059.
22 R Cristescu, B Beferull-Lozano, M Vetterli 2004 On network correlated data gathering.
Proc of the 23rd Conference of the IEEE International Conference on Computer Communi- cations(INFOCOM), 4: 2571C2582.
23 S Madden, M J Franklin, J M, and W Hong 2002 TAG: A tiny aggregation service for ad hoc sensor networks ACM SIGOPS Operating Systems Review, OSDI, 36(1): 131–146.
24 B Zhou, L H NGOH, B S Lee, and C P Fu 2004 A hierarchical scheme for data aggregation in sensor network Proc of the 12th IEEE International Conference on Networks(ICON), 525–
25 M Lee and V W S Wong 2005 An energy-aware spanning tree algorithm for data aggregation in wireless sensor networks Proc of the IEEE PacRrim’05, 300–303.
26 S Lindsey, C Raghavendra, and K.M Sivalingam 2002 Data gathering algorithms in sensor networks using energy metrics IEEE Trans Parallel Distrib Sys., 13 (13): 924C935.
27 G Di Bacco, T Melodia, and F Cuomo 2004 A MAC protocol for delay-bounded applications in wireless sensor networks Proc of Med-Hoc-Net, 208–220.
28 H Alzaid, E F Juan, and G Nieto 2008 Secure data aggregation in wireless sensor network: a survey Proc of the 6th Australasian conference on Information Security(AISC), 81: 93–105.
29 B Przydatek, D Song, and A Perrig 2003 SIA: secure information aggregation in sensor networks Proc of the 1st ACM Conference on Embedded Networked Sensor Systems(SenSys),
30 J Newsome, E Shi, D Song, and A Perrig 2004 The Sybil attack in sensor networks: Analysis and defenses Proc of the 3rd International Symposium on Information Processing in Sensor Networks(IPSN), 259–268.
31 W Du, J Deng, Y S Han, and P K Varshney 2003 A witness-based approach for data fusion assurance in wireless sensor networks Proc of the IEEE Global Telecommunications Conference(GLOBECOM)’04, 1435–1439.
32 A Wood and J Stankovic 2002 Denial of service in sensor networks IEEE Computer, 35(10):
33 J McCune, A P E Shi, and M Reiter 2005 Detection of denial-of-message attacks on sensor network broadcasts Proc of IEEE Symposium on Security and Privacy(S&P).
34 D Westhoff, J Girao, and M Acharya 2006 Concealed data aggregation for reverse multicast traffic in sensor networks: encryption key distribution and routing adaptation IEEE Trans on Mobile Comput., 5 (10): 1417–1431.
35 B Przydatek, D Song, and A Perrig 2003 SIA: Secure information aggregation in sensor networks Proc of the 1st International Conference on Embedded Networked Sensor Sys- tems(SenSys), 255–265.
36 D Westhoff, J Girao, M Acharya 2005 Concealed data aggregation for reverse multi- cast traffic in sensor networks Proc of the IEEE International Conference on Communi- cations(ICC)’05, 3044–3049.
37 H Chan, A Perrig, and D Song 2006 Secure Hierarchical In-network Aggregation for Sen- sor Networks Proc of the 13th ACM Conference on Computer and Communications Secu- rity(CCS), 278–287.
38 L H Zhu and M Li 2011 An Energy Efficient and Integrity-Preserving Aggregation Protocol in Wireless Sensor Networks Proc of the 30th IEEE International Performance Computing and Communications Conference(IPCCC), 1–6.
39 I Rodhe and C Rohner 2008 n-LDA n-Layers Data Aggregation in Sensor Networks Proc of the 28th International Conference on Distributed Computing Systems(ICDCS) Workshops,
40 C Castelluccia, C F Chan, E, Mykletun, and, G Tsudik 2009 Efficient and provably secure aggregation of encrypted data in wireless sensor networks ACM Trans Sensor Net- works(TOSN), 5(3): 1137–1153.
41 C M Chen, Y H Lin, Y C Lin, and H M Sun 2012 RCDA: Recoverable Concealed Data Aggregation for Data Integrity in Wireless Sensor Networks IEEE Trans.Parallel and Distributed Systems(TPDS), 23(4): 727–734.
42 L H Zhu, Z Yang, M Li, and D Liu 2013 An efficient data aggregation protocol concentrated on data integrity in wireless sensor networks International Journal of Distributed Sensor Networks, 2013(7): 1–9.
43 L H Zhu, Z Yang, M Z Wang, and M Li 2013 ID List Forwarding Free Confidentiality Pre- serving Data Aggregation for Wireless Sensor Networks International Journal of Distributed Sensor Networks, 9(2013): 59–72.
44 L H Zhu, Z Yang, J F Xue, and C Guo 2014 An efficient confidentiality and integrity pre- serving aggregation protocol in wireless sensor networks International Journal of Distributed Sensor Networks, 2014(3): 1–8
45 K A Shim and C M Park 2015 A secure data aggregation scheme based on appropriate cryptographic primitives in heterogeneous wireless sensor networks IEEE Trans Parallel and Distributed Systems(TPDS), 26(8): 2128–2139.
46 R C Merkle 1980 Protocols for public key cryptosystems Proc of the 1st IEEE Symposium on Security and Privacy(S&P), 122–134.
47 R C Merkle 1989 A certified digital signature Proc of the 9th Annual International Cryp- tology Conference(Crypto), 218–238.
48 D Johnson, A Menezes, and S Vanstone 2001 The Elliptic Curve Digital Signature Algo- rithm(ECDSA) International Journal of Information Security, 1(1): 36–63.
49 J Domingo-Ferrer 2002 A provably secure additive and multiplicative privacy homomor- phism Proc of the 5th Information Security Conference, 471–483.
50 E Mykletun, J Girao, and D Westhoff 2006 Public Key Based Cryptoschemes for Data Concealment in Wireless Sensor Networks Proc IEEE International Conference on Commu- nications(ICC)’06., 5: 2288–2295.
51 D Boneh, C Gentry, B Lynn, and H Shacham 2003 Aggregate and Verifiably Encrypted Signatures from Bilinear Maps Proc of the 22nd International Conference on the Theory and Applications of Cryptographic Techniques(Eurocrypt), 416–432.
52 H.O Sanli, S Ozdemir, and H Cam 2004 SRDA: secure reference-based data aggregation protocol for wireless sensor networks Proc of the 71st IEEE VTC Fall Conference, pp 4650–
53 B Sun, N Chand, K Wu, and Y Xiao 2007 Change-point monitoring for secure in-network aggregation in wireless sensor networks Proc of the IEEE Global Telecommunications Con- ference(GLOBECOM)’07, pp 936–940.
54 Y Yang, X Wang, S Zhu, and G Cao 2006 SDAP: a secure hop-by-hop data aggregation protocol for sensor networks ACM Transactions on Information & System Security, 11(4):
55 Liehuang Zhu, Meng Li, and Lejian Liao 2012 Dynamic Group Signature Scheme based Integrity Preserving Event Report Sensor Letters, 10(8), pp 1785–1791.
56 Sankardas Roy, Mauro Conti, Sanjeev Setia, and Sushil Jajodia 2012 Secure Data Aggregation in Wireless Sensor Networks IEEE Transactions on Information Forensics & Security(TIFS),
Roy, Conti, Setia, and Jajodia (2014) investigate secure data aggregation in wireless sensor networks, presenting methods to filter out attacker impact to safeguard the integrity of aggregated data The work, published in IEEE Transactions on Information Forensics & Security (TIFS) and spanning pages 681–694, emphasizes robust defenses against adversarial interference in sensor-network data aggregation.
58 R L Rivest, M.J.B Robshaw, R Sidney, and Y.L Yin 1998 The RC6 Block Cipher http:// www.princeton.edu/~rblee/RC6/.
59 G Casella and R L Berger 1990 Statistical Inference Duxbury Press.
60 J Considine, F Li, G Kollios, and J Byers 2004 Approximate aggregation techniques for sensor databases Proc of the 20th IEEE International Conference on Data Engineering(ICED),
61 S Nath, P B Gibbons, S Seshan, and Z Anderson 2001 Synopsis diffusion for robust aggregation in sensor networks Proc of the 2nd ACM Conference on Embedded Networked Sensor Systems(SenSys), 2004.
This chapter analyzes and compares smart grid privacy preservation schemes in detail Traditional power grids transport energy from central locations to large clusters of customers, such as housing estates or apartment blocks In contrast, the smart grid enables two-way flows of energy and information to boost automation and improve the distribution of energy across the grid By leveraging modern technologies, the smart grid delivers energy more efficiently and can promptly respond to grid events such as power-line failures.
Global deployment of smart grids enables utilities to forecast energy demand from meter readings, improving energy efficiency and reducing the use of natural resources Customers can monitor time-based pricing and adjust their energy consumption, such as using power-saving modes on appliances In the United States, more than eight million smart meters have already been deployed By 2020, Europe was estimated to have about 80% of energy consumers equipped with smart meters However, meaningful energy reductions require programmable appliances that interact with the meters to reduce non-essential usage during peak hours.
The primary focus of this chapter is to present two privacy-preserving meter-reading transmission schemes for the smart grid: cryptographic-based schemes and perturbation-based schemes While the smart grid offers numerous benefits to energy companies and consumers, privacy concerns persist, largely because Non-Intrusive Load Monitoring (NILM) techniques can infer user activities from smart meter data Addressing these privacy challenges is essential to protect user privacy while preserving the efficiency and reliability of smart-grid operations.
L Zhu et al., Secure and Privacy-Preserving Data Communication in Internet of Things, SpringerBriefs in Signal Processing,
Figure 3.1 provides an overview of the smart grid and shows how privacy concerns have led some communities to boycott smart-meter installations Several cities in California have voted to disallow the use of smart meters, underscoring ongoing debates over data privacy and security The accompanying figure illustrates an example of a smart grid configuration and its potential implications for customer data.
Smart grids stabilize daily energy usage and prevent shortages by forecasting demand and responding to customer needs, with many energy suppliers adjusting prices based on current consumption and encouraging users to shift non-essential tasks to off-peak times to save money, while today the energy savings from smart grids are enabled by transmitting consumption data to consumers roughly every 15 minutes The article’s first section provides a quick introduction to privacy in smart grids, the second section investigates using rechargeable batteries as a privacy-preserving scheme, evaluating approaches under three goals—privacy preservation, cost efficiency, and utility—and the third section discusses cryptographic-based privacy schemes, covering authentication, securing customer data with cryptography, intrusion detection in the smart grid, and key management of cryptographic keys.
Problems, Models and Goals
While the smart grid brings numerous benefits, it also presents substantial privacy and data concerns as it evolves from the traditional electrical grid Because the smart grid relies on many networked devices, it faces risks of cyber-attacks and requires strong management measures such as authentication The dominant concern among consumers is energy privacy: their usage data could be exposed, potentially allowing companies to infer which appliances are in use inside their homes.
Even if data is sent from homes or businesses using secure communications, the energy provider will obtain a large amount of data related to the customer As mentioned before, this can be worrying to a consumer as a power company can possibly view if a customer is at home or not In particular cases even what TV channel the consumer is viewing can be identified [7] A further concern is that this information, in certain situations is outsourced to third parties to perform information provision and analysis [6].
Operating a smart grid requires handling vast amounts of data across multiple interconnected systems, a level of complexity that brings new challenges and potential security vulnerabilities The integration of the smart grid introduces additional hurdles, including commercial incentives, political issues, and both the physical infrastructure and software deployment involved Understanding how customers will behave and adapt to the smart grid is another crucial consideration Given the data-intensive nature of smart grid operations, energy providers must investigate data-management schemes and analytics solutions that can efficiently process, store, and protect large datasets while supporting reliable, secure grid performance.
Traditional electrical grid technology relies on communication with thousands of devices to operate, and implementing the smart grid will greatly expand this scale As the network grows, maintenance and other operational tasks become more important and challenging, and new issues such as cyber-attacks demand greater attention Additionally, cybersecurity concerns—including denial of service and system availability—must be investigated to ensure secure and reliable grid operation.
An external observer can identify which appliance is in use by analyzing its unique electrical load signature, providing a clear indicator of what is operating in the home This privacy-related concept is illustrated in Figure 3.2, where different devices are shown to produce distinctive power usage patterns that reveal their activity inside the house.
Smart meters installed in homes typically include an interface and wireless connectivity, which, while convenient, create additional security vulnerabilities The openness of these devices highlights the security challenges of the smart grid, particularly in cryptography, key management, and data encryption Securing such a large-scale system raises questions about how to implement robust cryptographic solutions at scale This chapter will explore various encryption and key management schemes to address these security concerns.
Key management in smart grids covers the lifecycle of cryptographic keys—how they are accessed, how their validity is verified, and how they are updated to maintain security A major risk to smart grid availability is the potential for denial-of-service attacks that could saturate the network and disrupt customer traffic, possibly causing power outages Addressing these availability and resilience challenges is essential for the widespread adoption of smart grid technology To protect privacy while preserving secure operation, there are several privacy-enhancing techniques for smart grids, and this chapter explains several of these methods in detail.
There are several privacy models discussed in this chapter; this section focuses on the main models and explains them in detail to clarify the goals achieved by these approaches The first model implements a cryptographic scheme to secure customer data while providing efficient and cost-effective storage for utility providers The second model is perturbation-based and uses a rechargeable battery to support its operation.
Cryptography-based privacy schemes provide a comprehensive model to secure the entire smart grid, overcoming the limitations of a battery-only approach that protects only a single customer’s home Smart meters collect vast amounts of appliance energy usage data from millions of customers, and this data must be securely reported to energy providers To handle the resulting data deluge, strong cryptographic protections and privacy-preserving schemes are employed Cloud computing enables storing meter readings in the cloud, allowing energy providers to process large-scale data efficiently A noteworthy scheme is the privacy-preserving range query (PaRQ), which stores customer data on a cloud-based remote server and uses a cloud token to grant access to the utility, ensuring privacy and confidentiality when data is retrieved.
Another effective option for perturbation-based privacy in the smart grid is the use of a rechargeable battery at the consumer’s premises The concept is simple yet highly effective at preserving privacy: installing a home energy storage system that can store and release energy to smooth out power usage By modulating the charge and discharge of the battery, the approach obscures the true load profile and mitigates the risk of information leakage This implementation directly addresses the Non-Intrusive Load Monitoring (NILM) threat discussed earlier, since the battery’s charge state and activity obscure appliance-level consumption.
Figure 3.3 depicts the system model, where discharge rates can be adjusted to mask the meter readings, thereby preventing an intruder from obtaining energy readings from appliances when access to those readings is blocked, which enhances energy privacy in smart-meter systems.
Fig.3.3 depicts a privacy-enhancing system for energy use based on a rechargeable battery perturbation scheme, consisting of three elements: a power controller, a rechargeable battery, and a smart meter The power controller securely manages power demands, while the smart meter reports total energy usage to the utility and monitors consumption of all appliances at the installation site The rechargeable battery disguises energy usage by charging or discharging at adjusted rates that are hidden from outsiders Since the smart meter records both appliance and battery consumption, the user’s privacy depends on keeping the battery recharge profile and appliance usage concealed The scheme relies on the battery’s finite charge and discharge rates and its actual capacity, and the device must operate within these limits, never exceeding maximum rates or discharging when empty or recharging when full Over time the battery will deplete, and although a rechargeable battery can enhance privacy, cost—installation and maintenance—remains a critical consideration; if costs are too high, the scheme may become impractical.
The privacy goals in the smart grid are threefold: privacy preservation, cost-efficient privacy, and utility-based privacy In later sections, schemes are categorized according to these goals, while this section provides a concise introduction to each objective.
Privacy is essential to protect customer data and prevent access to individual usage details, while battery-based schemes can mask appliance usage by smoothing demand to a constant level to enhance privacy, and cryptographic approaches encrypt data so it remains inaccessible without the correct decryption key A major challenge with cryptography is key and permission management across millions of smart meters, a topic addressed alongside both battery-based and cryptography-based privacy techniques discussed later in this chapter Utility providers need customer energy usage data to estimate demand and set pricing, but this raises concerns about accessing a specific appliance’s usage; differential privacy solves this by aggregating data across customers so no single customer's data is exposed, ensuring privacy and utility can coexist if the scheme is implemented successfully.
Ultimately, cost is the key consideration: if the cost of implementing a privacy-based scheme is too high, it may not be worthwhile The core objective is to balance cost with privacy requirements to enable practical, privacy-preserving solutions for the smart grid Reducing costs can significantly accelerate smart grid development This chapter will discuss various cost-reducing schemes, including cryptographic based and non-cryptographic based approaches, in detail.